Volerion logoVolerion
Volerion logoVolerion

Cisco Secure Firewall ASA and FTD Software OSPF Heap Corruption Vulnerability Leading to Denial-of-Service

Vulnerability

A vulnerability exists in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. It allows an authenticated, adjacent attacker to cause an unexpected device reload, creating a denial-of-service condition. This issue arises from heap corruption in OSPF packet parsing. Exploitation involves sending crafted packets to the OSPF service. Successful exploitation can corrupt the heap, causing the device to reload and disrupt services.

Impact

Exploitation of this vulnerability leads to an unexpected device reload, causing a denial-of-service condition.

Remediation

Cisco has released software updates to address this vulnerability. For instructions on upgrading Cisco Secure FTD devices, refer to the Cisco Secure FMC upgrade guide. To determine the best release for Cisco Secure Firewall ASA or Secure FTD Software, consult the respective compatibility and upgrade guides.

Added: Mar 4, 2026, 7:25 PM
Updated: Mar 4, 2026, 7:25 PM

Vulnerability Rating

Custom Algorithm
spread
6.8
impact
2.5
exploitability
2.9
remediation
7.7
relevance
3.5
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.